diff --git a/cowrie/output/syslog.py b/cowrie/output/syslog.py
new file mode 100644
index 00000000..5b9ccdb7
--- /dev/null
+++ b/cowrie/output/syslog.py
@@ -0,0 +1,54 @@
+# Copyright (c) 2015 Michel Oosterhof
+# All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+# notice, this list of conditions and the following disclaimer in the
+# documentation and/or other materials provided with the distribution.
+# 3. The names of the author(s) may not be used to endorse or promote
+# products derived from this software without specific prior written
+# permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHORS ``AS IS'' AND ANY EXPRESS OR
+# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
+# IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY DIRECT, INDIRECT,
+# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
+# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
+# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+
+import syslog
+import twisted.python.syslog
+
+import cowrie.core.output
+
+class Output(cowrie.core.output.Output):
+
+ def __init__(self, cfg):
+ cowrie.core.output.Output.__init__(self, cfg)
+ self.facility = cfg.get('output_syslog', 'facility')
+ self.syslog = twisted.python.syslog.SyslogObserver(prefix='cowrie')
+
+ def start(self):
+ pass
+
+ def stop(self):
+ pass
+
+ def write(self, logentry):
+ #for i in logentry.keys():
+ # remove twisted 15 legacy keys
+ #if i.startswith('log_'):
+ # del logentry[i]
+ self.syslog.emit(logentry)
+
+# vim: set sw=4 et:
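Review bot: `self.facility` is read from `[output_syslog] facility` in `__init__` but never reaches the observer, because `SyslogObserver(prefix='cowrie')` is built without a `facility` argument; events therefore go out on Twisted's default facility, and any syslog routing or forwarding rule keyed on the configured facility will not match the honeypot's events. The config value is also a string, so it has to be resolved to the `syslog` constant first, e.g. `self.facility = getattr(syslog, 'LOG_' + name.upper())` (with `name` the configured string, assuming it holds a bare name such as `USER`), then `SyslogObserver(prefix='cowrie', facility=self.facility)`; that also gives the otherwise unused `import syslog` a purpose and makes an unknown facility name fail at start-up rather than silently. In `write()`, the entry is handed to `emit()` unchanged, and Twisted's observer reads `isError` and `system` from the event dict; whether cowrie's entries always carry those keys is not visible in this hunk and is worth confirming. The commented-out `log_` key stripping should either be removed or reinstated with a comment saying why it is needed.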